Closed Bug 899659 Opened 11 years ago Closed 10 years ago

evaluate isForeignInstall for detecting side installs

Categories: Firefox :: General, defect
Not set
normal

Status: RESOLVED FIXED
Tracking Status: firefox-esr31 --- wontfix

People: (Reporter: mmc, Assigned: kmag)

References: (Blocks 1 open bug)

Details: (Keywords: sec-other)

Attachments: (1 file) 2.99 MB, application/x-ms-dos-executable

+++ This bug was initially created as a clone of Bug #899173 +++

From https://bugzilla.mozilla.org/show_bug.cgi?id=899173#c12, there is a field isForeignInstall in the xpi DB that was added to detect side-installs. From mossop's comment this field might have no false positives.

This could be used in conjunction with the preference extensions.autoDisableScopes if it turns out to have better coverage for detecting side-installed addons.
Blocks: 899173
No longer depends on: 899173
Assignee: nobody → kmaglione+bmo
Attached file Side-installer
I found an installer today which side-installs an add-on, bypasses about:newaddon, and does so without setting the foreignInstall flag. I don't have the details yet, but I suspect that it modifies extensions.sqlite to bypass the opt-in.
Ah. It looks like it's just dropping it in the `staged/` directory. It does contain sqlite3.dll, but it doesn't seem to actually touch any of our databases.
Which is bug 870031
Resolving as fixed, since the details are currently pretty well understood:

• The foreign install flag does give good indications of foreign installs as generated by many installers, and high correlation between enabled status and foreign install flag gives us a good indication of silent installs

• However, there are many methods of bypassing the foreign install flag, the simplest of which is to dump the add-on in the `staged/` directory, which also bypasses `autoDisableScopes` and thus triggers a silent install.

Restricting access to this bug, since I don't want the above to be especially public.
Group: core-security
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Group: core-security → core-security-release
Group: core-security-release
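The resolution comment above describes the heuristic that works: the foreignInstall flag on its own only says an add-on was not installed through the add-on manager, and it is the combination of that flag with an enabled (not user-disabled, active) state that points at a silent install. The following is an added example, not code from this bug or from Mozilla, that applies that rule to a constructed add-on list in the shape of the profile's xpi DB. The field names foreignInstall, userDisabled, active, id and location are assumed to carry the meanings the discussion refers to; the sample records are constructed for illustration.

```python
import json

# Constructed sample in the shape of a profile xpi DB add-on list.
# Assumption: foreignInstall, userDisabled, active, id and location
# mean what the bug discussion says they mean.
SAMPLE_XPI_DB = json.dumps({
    "schemaVersion": 16,
    "addons": [
        # Installed by the user through the add-on manager: not foreign.
        {"id": "user-chosen@example.test", "location": "app-profile",
         "foreignInstall": False, "userDisabled": False, "active": True},
        # Side-installed by an external installer, but still waiting for
        # the user's opt-in via about:newaddon, so it is disabled.
        {"id": "bundled@example.test", "location": "app-profile",
         "foreignInstall": True, "userDisabled": True, "active": False},
        # Foreign install that is already enabled: the silent-install signal.
        {"id": "silent@example.test", "location": "app-profile",
         "foreignInstall": True, "userDisabled": False, "active": True},
        # Same pattern in a system-wide scope, which autoDisableScopes
        # would normally have disabled; enabled + foreign is suspicious here too.
        {"id": "sysaddon@example.test", "location": "app-system-share",
         "foreignInstall": True, "userDisabled": False, "active": True},
    ],
})


def load_addons(xpi_db_text):
    """Parse the xpi DB text and return its add-on records."""
    return json.loads(xpi_db_text)["addons"]


def classify(addon):
    """Return 'user', 'foreign-optin' or 'foreign-silent' for one record.

    Missing fields are treated conservatively: an add-on is only called
    foreign if the flag is explicitly set, and only 'silent' if it is
    both foreign and currently enabled.
    """
    if not addon.get("foreignInstall", False):
        return "user"
    if addon.get("userDisabled", False) or not addon.get("active", False):
        return "foreign-optin"
    return "foreign-silent"


def silent_install_candidates(xpi_db_text):
    """IDs of add-ons whose flags match the silent-install pattern."""
    return sorted(a["id"] for a in load_addons(xpi_db_text)
                  if classify(a) == "foreign-silent")


def summarize(xpi_db_text):
    """Count add-ons per category; a high share of 'foreign-silent'
    among foreign installs is the correlation the bug describes."""
    counts = {"user": 0, "foreign-optin": 0, "foreign-silent": 0}
    for addon in load_addons(xpi_db_text):
        counts[classify(addon)] += 1
    return counts


if __name__ == "__main__":
    print("silent install candidates:", silent_install_candidates(SAMPLE_XPI_DB))
    print("summary:", summarize(SAMPLE_XPI_DB))
```

The check is deliberately limited to what the flag can tell you: as the comment notes, an installer that drops its add-on into `staged/` never sets foreignInstall at all, so an empty candidate list is evidence of absence only for installers that go through the normal path.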